Explore top 10 tips to secure your open-source projects now. Read More
×
This update for libxml2 fixes the following issues
- CVE-2026-6732: crafted XSD-validated document can cause a denial of service (bsc#1262719).
- CVE-2026-11979: stack-based buffer overflows in the `xmlcatalog` utility when running in `--shell` mode (bsc#1269790).
Patch instructions:
To install this openSUSE security update use the suse recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 16.0
zypper in -t patch openSUSE-Leap-16.0-1220=1
- openSUSE Leap 16.0:
libxml2-2-2.13.8-160000.5.1
libxml2-devel-2.13.8-160000.5.1
libxml2-doc-2.13.8-160000.5.1
libxml2-tools-2.13.8-160000.5.1
python313-libxml2-2.13.8-160000.5.1
* bsc#1262719
* bsc#1269790
References:
* https://www.suse.com/security/cve/CVE-2026-11979.html
* https://www.suse.com/security/cve/CVE-2026-6732.html
Get the latest Linux and open source security news straight to your inbox.